Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/06/11 7:11 p.m.9 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS5.3AI score0.00329EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.11 views

PT-2026-41799

Name of the Vulnerable Software and Affected Versions iskorotkov/avro versions prior to 2.33.0 github.com/hamba/avro/v2 versions prior to 2.32.0 Description Several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before...

8.7CVSS7.2AI score0.00397EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/02 10:30 a.m.2 views

CVE-2026-32145 Multipart form body parser bypasses body size limits in wisp

Allocation of Resources Without Limits or Throttling vulnerability in gleam-wisp wisp allows a denial of service via multipart form body parsing. The multipartbody function bypasses configured maxbodysize and maxfilessize limits. When a multipart boundary is not present in a chunk, the parser tak...

8.7CVSS5.9AI score0.00622EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/25 2:10 a.m.7 views

CVE-2026-27607

RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads PostObject, allowing attackers to bypass content-length-range, starts-with, and Content-Type constraints. This enabl...

9.1CVSS5.6AI score0.00265EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2025/08/20 3:36 p.m.3 views

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. For some unlikely configurations of multipart upload, an integer overflow vulnerability may lead to a denial of service via bypassing size limits...

7.5CVSS7.2AI score0.0196EPSS
Exploits0References5
OSV
OSV
added 2025/07/10 7:15 p.m.3 views

UBUNTU-CVE-2025-52520

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following...

7.5CVSS6.9AI score0.0196EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/05/29 12:0 a.m.25 views

CVE-2023-24603

OX App Suite before backend 7.10.6-rev37 does not check size limits when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of data...

6.5AI score0.00759EPSS
Exploits0References2
Rows per page
Query Builder